Toshiba unit hacked in Europe by same group behind US attack

WASHINGTON • A unit of Japan's Toshiba said yesterday that it had been hacked in Europe by the DarkSide ransomware group, widely believed to have been behind an attack last week which crippled a fuel pipeline in the United States.

Toshiba Tec Corp, which makes products like bar code printers and is valued at US$2.3 billion (S$3 billion), was hacked by DarkSide, its French subsidiary said. It added, however, that only a minimal amount of work data had been lost.

"There are around 30 groups within DarkSide that are attempting to hack companies all the time, and they succeeded this time with Toshiba," said Mr Takashi Yoshikawa, a senior malware analyst at Mitsui Bussan Secure Directions.

Employees accessing company computer systems from home during pandemic lockdowns have made firms more vulnerable to cyber attacks, he added.

Screenshots of DarkSide's post provided by the cyber-security firm said more than 740 gigabytes of information was compromised, including passport and other personal information.

Ransomware attacks have increased in number and in the amount of demands, with hackers encrypting data and seeking payment in cryptocurrency to unlock it. They increasingly release stolen data as well, or threaten to unless they are paid more.

Ireland's health service said yesterday that it had shut down its IT systems after what it described as a "significant" ransomware attack.

Reuters could not access DarkSide's public-facing website yesterday. Security researchers said DarkSide's multiple websites had stopped being accessible.

It is not clear if the site is down because of a technical issue, which is common on the Dark Web, or some action by law enforcement or the group itself.

DarkSide maintains at least eight domains or websites on the Dark Web.

One is a public-facing website used by DarkSide and its hackers-for-hire to name and shame victims who have ignored or refused the group's ransom demands. The other seven sites are used by the group to host the data they have stolen.

BLOOMBERG

Join ST's Telegram channel and get the latest breaking news delivered to you.

A version of this article appeared in the print edition of The Straits Times on May 15, 2021, with the headline Toshiba unit hacked in Europe by same group behind US attack. Subscribe